Bump the prod-deps group across 1 directory with 5 updates

[dependabot]

Bumps the prod-deps group with 5 updates in the / directory:

Package	From	To
@oclif/plugin-help	6.2.14	6.2.15
@tufjs/repo-mock	3.0.0	3.0.1
jose	5.9.3	5.9.4
express	4.21.0	4.21.1
tuf-js	3.0.0	3.0.1

Updates @oclif/plugin-help from 6.2.14 to 6.2.15

Release notes

Sourced from @​oclif/plugin-help's releases.

6.2.15

Bug Fixes

• deps: bump @​oclif/core from 4.0.27 to 4.0.28 (#821) (ac76e93)

Changelog

Sourced from @​oclif/plugin-help's changelog.

6.2.15 (2024-10-13)

Bug Fixes

• deps: bump @​oclif/core from 4.0.27 to 4.0.28 (#821) (ac76e93)

Commits

• f014cc2 chore(release): 6.2.15 [skip ci]
• ac76e93 fix(deps): bump @​oclif/core from 4.0.27 to 4.0.28 (#821)
• ce9d2f3 chore(dev-deps): bump typescript from 5.6.2 to 5.6.3 (#822)
• 35752ec chore(dev-deps): bump eslint-config-oclif-typescript (#823)
• d68b71d chore(dev-deps): bump @​types/node from 18.19.54 to 18.19.55 (#824)
• 84912ca chore(dev-deps): bump oclif from 4.14.36 to 4.15.2 (#818)
• See full diff in compare view

Updates @tufjs/repo-mock from 3.0.0 to 3.0.1

Release notes

Sourced from @​tufjs/repo-mock's releases.

@​tufjs/repo-mock@​3.0.1

Patch Changes

• Updated dependencies [47b931f]
• Updated dependencies [777b805]
  • @​tufjs/models@​3.0.1

Commits

• 18a6f58 Version Packages (#790)
• 7492e1f add conformance test driver (#792)
• 0c68729 Bump @​oclif/plugin-help in the prod-deps group across 1 directory (#791)
• 897aa37 clean-up stray references to node 16 (#786)
• 777b805 raise error when required metadata fields missing (#785)
• 7f1aa4b Bump the dev-deps group with 5 updates (#788)
• 07ca013 Bump the minor-patch group with 3 updates (#789)
• 6915c1f ensure role name properly encoded (#783)
• 47b931f reject duplicate keyids in signatures list (#781)
• cb54532 raise error on root metadata error (#779)
• See full diff in compare view

Updates jose from 5.9.3 to 5.9.4

Release notes

Sourced from jose's releases.

v5.9.4

Refactor

• types: update error definitions (510c5ca)

Changelog

Sourced from jose's changelog.

5.9.4 (2024-10-11)

Refactor

• types: update error definitions (510c5ca)

Commits

• 507bf42 chore(release): 5.9.4
• 5df0893 test: update Deno@2 expectations
• 510c5ca refactor(types): update error definitions
• a52c4a1 test: update Firefox X25519 expectations
• 2acecc9 chore: updated sponsor logo
• 4a6dd82 docs: update remote example
• 20acc7b ci: make ready for deno@2
• 80e8d1b ci: make ready for deno@2
• a7fe6d9 chore: bump dev deps
• 06d42ec chore: cleanup after release
• See full diff in compare view

Updates express from 4.21.0 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

• Backport a fix for CVE-2024-47764 to the 4.x branch by @​joshbuker in expressjs/express#6029
• Release: 4.21.1 by @​UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

• Backported a fix for CVE-2024-47764

Commits

• 8e229f9 4.21.1
• a024c8a fix(deps): [email protected]
• See full diff in compare view

Updates tuf-js from 3.0.0 to 3.0.1

Release notes

Sourced from tuf-js's releases.

[email protected]

Patch Changes

• cb54532: Ensure errors are thrown when root metadata is invalid
• 6915c1f: Ensure that role names are properly encoded when used in URLs or file names
• Updated dependencies [47b931f]
• Updated dependencies [777b805]
  • @​tufjs/models@​3.0.1

Commits

• 18a6f58 Version Packages (#790)
• 7492e1f add conformance test driver (#792)
• 0c68729 Bump @​oclif/plugin-help in the prod-deps group across 1 directory (#791)
• 897aa37 clean-up stray references to node 16 (#786)
• 777b805 raise error when required metadata fields missing (#785)
• 7f1aa4b Bump the dev-deps group with 5 updates (#788)
• 07ca013 Bump the minor-patch group with 3 updates (#789)
• 6915c1f ensure role name properly encoded (#783)
• 47b931f reject duplicate keyids in signatures list (#781)
• cb54532 raise error on root metadata error (#779)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

🦋 Changeset detected

Latest commit: b91daaa

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages

Name	Type
@sigstore/mock-server	Patch
@sigstore/mock	Patch
@sigstore/tuf	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR